LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: November 21st, 2014
Linux Security Week: November 17th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandrake: Updated cyrus-imapd packages Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Mandrake Several overruns have been fixed in the IMAP annote extension as well as in cached header handling which can be run by an authenticated user. As well, additional bounds checking in fetchnews was improved to avoid exploitation by a peer news admin.
 _______________________________________________________________________

                 Mandrakelinux Security Update Advisory
 _______________________________________________________________________

 Package name:           cyrus-imapd
 Advisory ID:            MDKSA-2005:051
 Date:                   March 4th, 2005

 Affected versions:	 10.0, 10.1, Corporate 3.0
 ______________________________________________________________________

 Problem Description:

 Several overruns have been fixed in the IMAP annote extension as well
 as in cached header handling which can be run by an authenticated
 user.  As well, additional bounds checking in fetchnews was improved
 to avoid exploitation by a peer news admin.
 _______________________________________________________________________

 References:

  http://asg.web.cmu.edu/archive/message.php?mailbox=archive.info-cyrus&msg=33723
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 15b7624cdc9037f9c4e79c600073ecf8  10.0/RPMS/cyrus-imapd-2.1.16-5.4.100mdk.i586.rpm
 05600c038393a440b049b61e561221c3  10.0/RPMS/cyrus-imapd-devel-2.1.16-5.4.100mdk.i586.rpm
 785c6f762ef8653dbd94820b0b6381a1  10.0/RPMS/cyrus-imapd-murder-2.1.16-5.4.100mdk.i586.rpm
 c11e66f88672e11d1702725479a7f0d5  10.0/RPMS/cyrus-imapd-utils-2.1.16-5.4.100mdk.i586.rpm
 71aa4e964c66ad49b2ae669cbb6e9bd1  10.0/RPMS/perl-Cyrus-2.1.16-5.4.100mdk.i586.rpm
 ffeeb4eb0f65ca39e11c180601a35d68  10.0/SRPMS/cyrus-imapd-2.1.16-5.4.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 e8c78f838cca93171d2f8cd5c8c9a879  amd64/10.0/RPMS/cyrus-imapd-2.1.16-5.4.100mdk.amd64.rpm
 e5477d6d98bc82e9ab8c1a839055cc43  amd64/10.0/RPMS/cyrus-imapd-devel-2.1.16-5.4.100mdk.amd64.rpm
 a89538a6bc145fec9e2b6b17e37d2e5e  amd64/10.0/RPMS/cyrus-imapd-murder-2.1.16-5.4.100mdk.amd64.rpm
 52b24414eee9d6fea4fe2ddf4f27bd1f  amd64/10.0/RPMS/cyrus-imapd-utils-2.1.16-5.4.100mdk.amd64.rpm
 f802162383bf61b4d9187e180b2c2bf1  amd64/10.0/RPMS/perl-Cyrus-2.1.16-5.4.100mdk.amd64.rpm
 ffeeb4eb0f65ca39e11c180601a35d68  amd64/10.0/SRPMS/cyrus-imapd-2.1.16-5.4.100mdk.src.rpm

 Mandrakelinux 10.1:
 f6cdca31a854112c2ca5f74776776f1c  10.1/RPMS/cyrus-imapd-2.2.8-4.2.101mdk.i586.rpm
 8b5794bf11f4b7999830efa69e2d28f8  10.1/RPMS/cyrus-imapd-devel-2.2.8-4.2.101mdk.i586.rpm
 4c11340d7e1f25bd0ab640a6d716ddd0  10.1/RPMS/cyrus-imapd-murder-2.2.8-4.2.101mdk.i586.rpm
 0f0e1f74726f916c0e34f2d297f7fb98  10.1/RPMS/cyrus-imapd-nntp-2.2.8-4.2.101mdk.i586.rpm
 e336fb5ddea4b2b97e91aad061293160  10.1/RPMS/cyrus-imapd-utils-2.2.8-4.2.101mdk.i586.rpm
 3a9335988510ec620e6a111f92aefb48  10.1/RPMS/perl-Cyrus-2.2.8-4.2.101mdk.i586.rpm
 525da02530ca95c483aca8267b759219  10.1/SRPMS/cyrus-imapd-2.2.8-4.2.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 230bb0fcbe79666f2e7a58d86320277e  x86_64/10.1/RPMS/cyrus-imapd-2.2.8-4.2.101mdk.x86_64.rpm
 7b9c9cd889f294a04952d6e4491ac8bf  x86_64/10.1/RPMS/cyrus-imapd-devel-2.2.8-4.2.101mdk.x86_64.rpm
 d859ab07c750bfdfd50f770bd7e3c54d  x86_64/10.1/RPMS/cyrus-imapd-murder-2.2.8-4.2.101mdk.x86_64.rpm
 1b88303a5c38ebf4dfff3867d95db3cf  x86_64/10.1/RPMS/cyrus-imapd-nntp-2.2.8-4.2.101mdk.x86_64.rpm
 82ae917972b5cf748d7ba2401da0ec83  x86_64/10.1/RPMS/cyrus-imapd-utils-2.2.8-4.2.101mdk.x86_64.rpm
 b8c33ab3333f8c6757bc554f1b735d8f  x86_64/10.1/RPMS/perl-Cyrus-2.2.8-4.2.101mdk.x86_64.rpm
 525da02530ca95c483aca8267b759219  x86_64/10.1/SRPMS/cyrus-imapd-2.2.8-4.2.101mdk.src.rpm

 Corporate 3.0:
 5f9b9b9352a4bf01e1d7d60bc0b2acd4  corporate/3.0/RPMS/cyrus-imapd-2.1.16-5.4.C30mdk.i586.rpm
 611e40f49b42c9bef517f577ae84e118  corporate/3.0/RPMS/cyrus-imapd-devel-2.1.16-5.4.C30mdk.i586.rpm
 c5a7d27fec6bf10bc5a423d5228c3c97  corporate/3.0/RPMS/cyrus-imapd-murder-2.1.16-5.4.C30mdk.i586.rpm
 ddaafa645b1052c4008805a6755983c6  corporate/3.0/RPMS/cyrus-imapd-utils-2.1.16-5.4.C30mdk.i586.rpm
 00b8785bd521991143ab1dac0d5862c1  corporate/3.0/RPMS/perl-Cyrus-2.1.16-5.4.C30mdk.i586.rpm
 709aa090996e807f3370552cb810f15e  corporate/3.0/SRPMS/cyrus-imapd-2.1.16-5.4.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 b6b638cfe6bffc99873d5ee0b0fcd8d0  x86_64/corporate/3.0/RPMS/cyrus-imapd-2.1.16-5.4.C30mdk.x86_64.rpm
 2f4d38c95aaf387e3d60c3ccf5fa16eb  x86_64/corporate/3.0/RPMS/cyrus-imapd-devel-2.1.16-5.4.C30mdk.x86_64.rpm
 47e1de6c31502c7b799eff36a555b5bd  x86_64/corporate/3.0/RPMS/cyrus-imapd-murder-2.1.16-5.4.C30mdk.x86_64.rpm
 dfbb236b3d834829b29ddcb49a0261b0  x86_64/corporate/3.0/RPMS/cyrus-imapd-utils-2.1.16-5.4.C30mdk.x86_64.rpm
 74c7c8947715bf3c911b691afc46c8ea  x86_64/corporate/3.0/RPMS/perl-Cyrus-2.1.16-5.4.C30mdk.x86_64.rpm
 709aa090996e807f3370552cb810f15e  x86_64/corporate/3.0/SRPMS/cyrus-imapd-2.1.16-5.4.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandrakesoft for security.  You can obtain
 the GPG public key of the Mandrakelinux Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandrakelinux at:

  http://www.mandrakesoft.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Google Removes SSLv3 Fallback Support From Chrome
Hacker Lexicon: What Is End-to-End Encryption?
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.